<?
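// Load the resume row that belongs to the logged-in user. Recruiter sessions
// skip this lookup, so $rs is only defined for the other user types.
//
// Array keys are quoted: bare-word keys such as $_SESSION[usertype] only work
// through PHP's undefined-constant fallback. The session values are escaped
// before they are concatenated into the query, so a value that originally
// came from user input cannot terminate the quoted literal.
// NOTE(review): mysql_escape_string() ignores the connection charset and no
// longer exists in PHP 7+. If the $DB wrapper (not visible here) offers bound
// parameters or a connection-aware escape, use that instead.
if ($_SESSION['usertype'] != 'recruiter') {
	$rs = $DB->fetch_one_array(
		"SELECT * FROM " . $db_prefix . "resume"
		. " WHERE `re_usertype` = '" . mysql_escape_string($_SESSION['usertype']) . "'"
		. " AND `re_uid` ='" . mysql_escape_string($_SESSION['uid']) . "'"
	);
}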
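// Read the resume form fields from the POST body into $re_* variables.
// Each value is trimmed and SQL-escaped here because the UPDATE statement
// further down concatenates these variables directly into quoted literals.
//
// Keys are quoted and missing fields default to '' so an absent form field
// does not depend on PHP's undefined-constant / undefined-index fallbacks.
// NOTE(review): the escaped values are only safe inside a quoted SQL string.
// They are not HTML-safe, and mysql_escape_string() ignores the connection
// charset; prefer bound parameters if the $DB wrapper supports them.
$resumeFields = array(
	're_fname', 're_lname', 're_email', 're_address1', 're_address2',
	're_lostate', 're_locountry', 're_locity', 're_phone1', 're_phone2',
	're_jobtype', 're_jobindustry', 're_jobtitle', 're_yearexp', 're_edulevel',
	're_proflicense', 're_mgmt', 're_profit', 're_spoken', 're_prolang',
	're_ip', 're_ussecurity', 're_authorize', 're_detail', 're_comments',
	're_currentpay', 're_desiredpay', 're_jobsearchstatus', 're_benefits',
	're_schoolattend', 're_describeme', 're_favoriatebook', 're_highachieve',
	're_iplan', 're_iliketo', 're_personalweb', 're_prvemployer',
	're_prvempstatus', 're_professavilable', 're_private', 're_sponsorship',
);
foreach ($resumeFields as $fieldName) {
	$rawValue = isset($_POST[$fieldName]) ? $_POST[$fieldName] : '';
	// Variable-variable assignment keeps the $re_* names the rest of the script reads.
	$$fieldName = mysql_escape_string(trim($rawValue));
}
unset($fieldName, $rawValue);

// NOTE(review): $jid is kept exactly as posted (unescaped, unvalidated).
// It is client-controlled, so every SQL statement and every HTML/e-mail
// output that uses it must escape it for that context at the point of use.
$jid = isset($_POST['jid']) ? $_POST['jid'] : '';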

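// Optional resume attachment.
// $file holds the "`re_upload`='...' ," fragment spliced into the UPDATE
// below, and $filename1 the stored file name. Both are initialised so the
// later SQL and attachment code never read undefined variables when no file
// was sent or the upload was rejected.
$file = '';
$filename1 = '';
if (isset($_FILES['uploadfile']['name']) && $_FILES['uploadfile']['name'] != '') {
	// Extension allow-list and size cap are passed to the project's upfile class.
	// NOTE(review): upfile is not visible here. Confirm that it validates the
	// final extension, generates savename server-side rather than reusing the
	// client file name, and that uploadfiles/resumes/ cannot execute scripts.
	// NOTE(review): the upload runs before checkFormSubmit() is evaluated
	// below, so a request that fails that check still stores its file.
	$f = new upfile("uploadfiles/resumes/", "pdf,doc,rar,zip,txt,docx");
	$f->maxsize = "10000000";
	if ($f->upload("uploadfile")) {
		$filename1 = $f->savename;
		// Escape the stored name for the SQL fragment only; $filename1 itself
		// stays untouched because it is also used as a file-system path.
		$file = "`re_upload`='" . mysql_escape_string($filename1) . "' ,";
	}
}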


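// Resume create/update handler, plus job application and notification.
//
// Runs only for a non-empty POST that passes checkFormSubmit() (defined
// elsewhere). With a posted editid the existing resume row is updated;
// otherwise a new row is inserted, an application is recorded for the posted
// job, an internal message is stored for recruiter-owned jobs and an alert
// e-mail is sent. $err receives the HTML status snippet shown to the user.
//
// Every value concatenated into SQL is escaped at the point of use, and the
// plain-text values placed into HTML message bodies are HTML-escaped.
// NOTE(review): mysql_escape_string() ignores the connection charset and no
// longer exists in PHP 7+; prefer bound parameters if $DB supports them.
if (!empty($_POST) && checkFormSubmit() === true) {
	$editId = isset($_POST['editid']) ? $_POST['editid'] : '';
	$isEdit = ($editId != '');

	// Client-controlled job id: one copy escaped for SQL, one kept raw for HTML escaping.
	$jidRaw = isset($_POST['jid']) ? $_POST['jid'] : '';
	$jidSql = mysql_escape_string($jidRaw);

	// Session values may originate from user input (names, e-mail), so they are escaped too.
	$sessUidSql   = mysql_escape_string($_SESSION['uid']);
	$sessTypeSql  = mysql_escape_string($_SESSION['usertype']);
	$sessUnameSql = mysql_escape_string($_SESSION['uname']);

	if ($isEdit) {
		// re_id is produced by insert_id() on the create path, so the posted
		// id is cast to int before it reaches the WHERE clause.
		// NOTE(review): nothing visible here verifies that this resume belongs
		// to the session user, so any posted editid is accepted. Confirm that
		// an ownership/role check exists upstream, or constrain the UPDATE by
		// owner (e.g. on re_uid / re_usertype) once the intended rules are known.
		$insertid = (int) $editId;
	} else {
		$sql = "insert into " . $db_prefix . "resume (re_uid,re_aliasid,re_usertype,re_uname,re_regtime,re_updtime) values ('"
			. $sessUidSql . "','" . $jidSql . "','" . $sessTypeSql . "','" . $sessUnameSql . "','" . time() . "','" . time() . "')";
		$DB->query($sql);
		$insertid = $DB->insert_id();
	}
	$regtime = time();

	// Columns whose values are the $re_* variables that were trimmed and
	// SQL-escaped when they were read from $_POST earlier in this script.
	$resumeColumns = array(
		're_fname', 're_lname', 're_email', 're_address1', 're_address2',
		're_lostate', 're_locountry', 're_locity', 're_phone1', 're_phone2',
		're_jobtype', 're_jobindustry', 're_jobtitle', 're_yearexp', 're_edulevel',
		're_proflicense', 're_mgmt', 're_profit', 're_spoken', 're_prolang',
		're_ip', 're_ussecurity', 're_authorize', 're_detail', 're_comments',
		're_currentpay', 're_desiredpay', 're_jobsearchstatus', 're_benefits',
		're_schoolattend', 're_describeme', 're_favoriatebook', 're_highachieve',
		're_iplan', 're_iliketo', 're_personalweb', 're_prvemployer',
		're_prvempstatus', 're_professavilable', 're_private', 're_sponsorship',
	);
	$assignments = array("`re_uname`='" . $sessUnameSql . "'");
	foreach ($resumeColumns as $column) {
		$assignments[] = "`" . $column . "`='" . (isset($$column) ? $$column : '') . "'";
	}
	// re_snoud / re_snohd were written from variables this script never
	// assigns; read them from the POST body and escape them here instead.
	foreach (array('re_snoud', 're_snohd') as $column) {
		$posted = isset($_POST[$column]) ? $_POST[$column] : '';
		$assignments[] = "`" . $column . "`='" . mysql_escape_string(trim($posted)) . "'";
	}

	// Optional "`re_upload`='...' ," fragment prepared by the upload step.
	$uploadClause = isset($file) ? $file : '';
	$savedName    = isset($filename1) ? $filename1 : '';

	$sql = "UPDATE " . $db_prefix . "resume SET "
		. $uploadClause
		. implode(", ", $assignments)
		. ", `re_updtime`='" . $regtime . "'"
		. " WHERE re_id = '" . mysql_escape_string($insertid) . "'";
	$DB->query($sql);

	if (!$isEdit) {
		$joblist = $DB->fetch_one_array("SELECT * FROM pa_job WHERE jo_id = '" . $jidSql . "' ");
		$jobOwnerSql = mysql_escape_string($joblist['jo_uid']);

		$sql = "INSERT INTO pa_applicant (`app_jobid`,`app_owntype`,`app_ownid`,`app_candidateid`,`app_resumeid`,`app_regtime`) VALUES ('"
			. $jidSql . "','candidate','" . $jobOwnerSql . "','" . $sessUidSql . "','" . mysql_escape_string($insertid) . "','" . time() . "')";
		$DB->query($sql);
		$appInsertId = $DB->insert_id();

		// Job details used for the internal message and the alert e-mail.
		$sql = "SELECT jo_title, jo_utype, jo_priemail,jo_priname  FROM pa_job WHERE jo_id = '" . $jidSql . "' ";
		$jobInfo = $DB->fetch_one_array($sql);

		// HTML-escaped copies for the message bodies below.
		$realNameHtml = htmlspecialchars($_SESSION['realname'], ENT_QUOTES, 'UTF-8');
		$jobTitleHtml = htmlspecialchars($jobInfo['jo_title'], ENT_QUOTES, 'UTF-8');

		if ($_SESSION['usertype'] == 'candidate' && $jobInfo['jo_utype'] == 'recruiter') {
			// Candidate applying to a recruiter-owned job: store a message row.
			$subject = 'Applicant For ' . $jobInfo['jo_title'] . '';
			$content = 'From: ' . $realNameHtml . '<br>
							Subject: Applicant for ‘' . $jobTitleHtml . '’<br>
							Type: Candidate <br>
							Date: ' . date("m-d-Y", $regtime) . ' <br>';

			$type = 1;
			// The job belongs to a recruiter; look up that recruiter's contact data.
			$sql = "SELECT rc_email,rc_fname,rc_lname,rc_copname FROM pa_recuiter WHERE rc_id = '" . $jobOwnerSql . "'";
			$toRecInfo = $DB->fetch_one_array($sql);

			// Subject and content embed the job title read back from the
			// database, so they are escaped like any other string value.
			$sql = "INSERT INTO pa_email (e_sentrcid, e_receivedrcid, e_sendertype,e_receivertype,e_joid, e_type, e_fromemail, e_fromname, e_toemail, e_toname, e_subject, e_content, e_resumefile, e_applicantId, e_created) VALUES (
				'" . $sessUidSql . "',
				'" . $jobOwnerSql . "',
				'" . $sessTypeSql . "',
				'recruiter',
				'" . $jidSql . "',
				'2',
				'" . mysql_escape_string($_SESSION['useremail']) . "',
				'" . mysql_escape_string($_SESSION['realname']) . "',
				'" . mysql_escape_string($toRecInfo['rc_email']) . "',
				'" . mysql_escape_string($toRecInfo['rc_copname']) . "',
				'" . mysql_escape_string($subject) . "',
				'" . mysql_escape_string($content) . "',
				'" . mysql_escape_string($savedName) . "',
				'" . mysql_escape_string($appInsertId) . "',
				'" . $regtime . "'
			)";
			$DB->query($sql);
		}

		// Alert e-mail to the job's primary contact, else to the recruiter.
		require_once("./include/class.phpmailer.php");

		$mail = new PHPMailer();
		$mail->IsMail();
		$mail->From     = $_SESSION['useremail'];
		$mail->FromName = $_SESSION['realname'];

		// $toRecInfo exists only when the recruiter lookup above ran, so the
		// fallback recipient is used only when an address is actually present.
		$hasRecipient = false;
		if ($jobInfo['jo_priemail'] != '') {
			$mail->AddAddress($jobInfo['jo_priemail'], $jobInfo['jo_priname']);
			$hasRecipient = true;
		} elseif (isset($toRecInfo['rc_email']) && $toRecInfo['rc_email'] != '') {
			$mail->AddAddress($toRecInfo['rc_email'], $toRecInfo['rc_copname']);
			$hasRecipient = true;
		}

		// Attach only a file that was actually stored by the upload step.
		if ($savedName != '') {
			$mail->AddAttachment("./uploadfiles/resumes/" . $savedName, $savedName);
		}

		$mail->IsHTML(true);
		$mail->Subject = stripslashes($_SESSION['realname'] . " applied to your job " . $jobInfo['jo_title']);

		// The body is HTML, so plain-text values are HTML-escaped. The phone
		// number is taken from the raw POST value rather than the SQL-escaped copy.
		$phoneRaw = isset($_POST['re_phone1']) ? trim($_POST['re_phone1']) : '';
		$content = "<b>Name: </b>" . $realNameHtml . "<br>";
		$content .= "<b>Email: </b> " . htmlspecialchars($_SESSION['useremail'], ENT_QUOTES, 'UTF-8') . "<br>";
		$content .= "<b>Phone: </b> " . htmlspecialchars($phoneRaw, ENT_QUOTES, 'UTF-8') . "<br>";
		$content .= "<b>Applied to Job: </b> " . $jobTitleHtml . "<br>";
		$content .= "<b>ER Job Req #: </b> " . htmlspecialchars($jidRaw, ENT_QUOTES, 'UTF-8') . "<br><br>";
		// NOTE(review): $re_detail is the SQL-escaped form value and is not
		// HTML-escaped. Whether the field carries rich-text markup or plain
		// text is not visible here; sanitise or escape it accordingly.
		$content .= "<b>Resume Details: </b> <br><br>" . $re_detail;
		$mail->Body = $content;

		$mail->CharSet = 'UTF-8';

		if ($hasRecipient) {
			$mail->Send();
		}

		$err = "<h3 style=\"color:red\">You have submitted successfully!</h3><meta http-equiv=\"refresh\" content=\"3;url=jobsapplied.php\">";
	} else {
		$err = "<h3 style=\"color:red\">Your changes have been successfully updated!</h3><meta http-equiv=\"refresh\" content=\"3;url=jobsapplied.php\">";
	}
}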



/*
$rsp = $DB->fetch_one_array("SELECT re_id FROM ".$db_prefix."resume ORDER BY re_id DESC");

$err = "<h3 style=\"color:red\">Your changes have been successfully updated!</h3><meta http-equiv=\"refresh\" content=\"3;URL=".$_SESSION[homeUrl]."\">";
if($_SESSION[usertype]=='recruiter'){
     $err = "<h3 style=\"color:red\">Your changes have been successfully updated</h3><meta http-equiv=\"refresh\" content=\"3;URL=resumeaction.php?view=op&action=view&id=$rsp[re_id]\">";
}
if($_POST[editid]!=''&&$_SESSION[usertype]=='recruiter'){
     $err = "<h3 style=\"color:red\">Your changes have been successfully updated!</h3><meta http-equiv=\"refresh\" content=\"3;URL=mycandidates.php\">";
}
if($_POST['return']){
	if($_SESSION[backurl]!=''){
	 $err = "<h3 style=\"color:red\">Your changes have been successfully updated!</h3><meta http-equiv=\"refresh\" content=\"3;URL=submitapplicant.php?".$_SESSION[backurl]."&back=1\">";
	}else{
	 $err = "<h3 style=\"color:red\">Your changes have been successfully updated!</h3><meta http-equiv=\"refresh\" content=\"3;URL=submitapplicant.php?jid=".$_POST['return']."&back=1\">";
	}
}
*/
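// Second pass over the POST body: re-populates the $re_* variables (now also
// $re_usertype, and $re_id from the posted editid) after the save handler.
// $re_sponsorship is not re-read here and keeps its earlier value.
//
// Keys are quoted and missing fields default to '' instead of relying on
// PHP's undefined-constant / undefined-index fallbacks.
// NOTE(review): these values are SQL-escaped, not HTML-escaped. If they are
// echoed into a page after this point (not visible here), escape them for
// HTML at output. $re_usertype and $re_id are client-supplied and should not
// be trusted for access decisions.
$formFields = array(
	're_usertype',
	're_fname', 're_lname', 're_email', 're_address1', 're_address2',
	're_lostate', 're_locountry', 're_locity', 're_phone1', 're_phone2',
	're_jobtype', 're_jobindustry', 're_jobtitle', 're_yearexp', 're_edulevel',
	're_proflicense', 're_mgmt', 're_profit', 're_spoken', 're_prolang',
	're_ip', 're_ussecurity', 're_authorize', 're_detail', 're_comments',
	're_currentpay', 're_desiredpay', 're_jobsearchstatus', 're_benefits',
	're_schoolattend', 're_describeme', 're_favoriatebook', 're_highachieve',
	're_iplan', 're_iliketo', 're_personalweb', 're_prvemployer',
	're_prvempstatus', 're_professavilable', 're_private',
);
foreach ($formFields as $formField) {
	$postedValue = isset($_POST[$formField]) ? $_POST[$formField] : '';
	// Variable-variable assignment keeps the $re_* names used elsewhere.
	$$formField = mysql_escape_string(trim($postedValue));
}
unset($formField, $postedValue);

// The resume id comes from the posted editid field.
$re_id = mysql_escape_string(trim(isset($_POST['editid']) ? $_POST['editid'] : ''));
$status = 1;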

?>